2 This file is part of GNUnet.
3 Copyright (C) 2016 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 SPDX-License-Identifier: AGPL3.0-or-later
22 * @author Martin Schanzenbach
25 * Identity provider service; implements identity provider for GNUnet
27 * @defgroup reclaim Identity Provider service
30 #ifndef GNUNET_RECLAIM_SERVICE_H
31 #define GNUNET_RECLAIM_SERVICE_H
36 #if 0 /* keep Emacsens' auto-indent happy */
41 #include "gnunet_util_lib.h"
42 #include "gnunet_reclaim_attribute_lib.h"
45 * Version number of GNUnet Identity Provider API.
47 #define GNUNET_RECLAIM_VERSION 0x00000000
50 * Handle to access the identity service.
52 struct GNUNET_RECLAIM_Handle;
57 struct GNUNET_RECLAIM_Token;
62 struct GNUNET_RECLAIM_Ticket
67 struct GNUNET_CRYPTO_EcdsaPublicKey identity;
72 struct GNUNET_CRYPTO_EcdsaPublicKey audience;
75 * The ticket random (NBO)
81 * Handle for an operation with the identity provider service.
83 struct GNUNET_RECLAIM_Operation;
87 * Connect to the identity provider service.
89 * @param cfg Configuration to contact the identity provider service.
90 * @return handle to communicate with identity provider service
92 struct GNUNET_RECLAIM_Handle *
93 GNUNET_RECLAIM_connect (const struct GNUNET_CONFIGURATION_Handle *cfg);
96 * Continuation called to notify client about result of the
100 * @param success #GNUNET_SYSERR on failure (including timeout/queue drop/failure to validate)
101 * #GNUNET_NO if content was already there or not found
102 * #GNUNET_YES (or other positive value) on success
103 * @param emsg NULL on success, otherwise an error message
106 (*GNUNET_RECLAIM_ContinuationWithStatus) (void *cls,
112 * Store an attribute. If the attribute is already present,
113 * it is replaced with the new attribute.
115 * @param h handle to the identity provider
116 * @param pkey private key of the identity
117 * @param attr the attribute
118 * @param exp_interval the relative expiration interval for the attribute
119 * @param cont continuation to call when done
120 * @param cont_cls closure for @a cont
121 * @return handle to abort the request
123 struct GNUNET_RECLAIM_Operation *
124 GNUNET_RECLAIM_attribute_store (struct GNUNET_RECLAIM_Handle *h,
125 const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey,
126 const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr,
127 const struct GNUNET_TIME_Relative *exp_interval,
128 GNUNET_RECLAIM_ContinuationWithStatus cont,
133 * Process an attribute that was stored in the idp.
136 * @param identity the identity
137 * @param attr the attribute
140 (*GNUNET_RECLAIM_AttributeResult) (void *cls,
141 const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
142 const struct GNUNET_RECLAIM_ATTRIBUTE_Claim *attr);
147 * List all attributes for a local identity.
148 * This MUST lock the `struct GNUNET_RECLAIM_Handle`
149 * for any other calls than #GNUNET_RECLAIM_get_attributes_next() and
150 * #GNUNET_RECLAIM_get_attributes_stop. @a proc will be called once
151 * immediately, and then again after
152 * #GNUNET_RECLAIM_get_attributes_next() is invoked.
154 * On error (disconnect), @a error_cb will be invoked.
155 * On normal completion, @a finish_cb proc will be
158 * @param h handle to the idp
159 * @param identity identity to access
160 * @param error_cb function to call on error (i.e. disconnect),
161 * the handle is afterwards invalid
162 * @param error_cb_cls closure for @a error_cb
163 * @param proc function to call on each attribute; it
164 * will be called repeatedly with a value (if available)
165 * @param proc_cls closure for @a proc
166 * @param finish_cb function to call on completion
167 * the handle is afterwards invalid
168 * @param finish_cb_cls closure for @a finish_cb
169 * @return an iterator handle to use for iteration
171 struct GNUNET_RECLAIM_AttributeIterator *
172 GNUNET_RECLAIM_get_attributes_start (struct GNUNET_RECLAIM_Handle *h,
173 const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
174 GNUNET_SCHEDULER_TaskCallback error_cb,
176 GNUNET_RECLAIM_AttributeResult proc,
178 GNUNET_SCHEDULER_TaskCallback finish_cb,
179 void *finish_cb_cls);
183 * Calls the record processor specified in #GNUNET_RECLAIM_get_attributes_start
184 * for the next record.
186 * @param it the iterator
189 GNUNET_RECLAIM_get_attributes_next (struct GNUNET_RECLAIM_AttributeIterator *it);
193 * Stops iteration and releases the idp handle for further calls. Must
194 * be called on any iteration that has not yet completed prior to calling
195 * #GNUNET_RECLAIM_disconnect.
197 * @param it the iterator
200 GNUNET_RECLAIM_get_attributes_stop (struct GNUNET_RECLAIM_AttributeIterator *it);
204 * Method called when a token has been issued.
205 * On success returns a ticket that can be given to the audience to retrive the
209 * @param ticket the ticket
212 (*GNUNET_RECLAIM_TicketCallback)(void *cls,
213 const struct GNUNET_RECLAIM_Ticket *ticket);
216 * Issues a ticket to another identity. The identity may use
217 * GNUNET_RECLAIM_ticket_consume to consume the ticket
218 * and retrieve the attributes specified in the AttributeList.
220 * @param h the identity provider to use
221 * @param iss the issuing identity
222 * @param rp the subject of the ticket (the relying party)
223 * @param attrs the attributes that the relying party is given access to
224 * @param cb the callback
225 * @param cb_cls the callback closure
226 * @return handle to abort the operation
228 struct GNUNET_RECLAIM_Operation *
229 GNUNET_RECLAIM_ticket_issue (struct GNUNET_RECLAIM_Handle *h,
230 const struct GNUNET_CRYPTO_EcdsaPrivateKey *iss,
231 const struct GNUNET_CRYPTO_EcdsaPublicKey *rp,
232 const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs,
233 GNUNET_RECLAIM_TicketCallback cb,
237 * Revoked an issued ticket. The relying party will be unable to retrieve
238 * updated attributes.
240 * @param h the identity provider to use
241 * @param identity the issuing identity
242 * @param ticket the ticket to revoke
243 * @param cb the callback
244 * @param cb_cls the callback closure
245 * @return handle to abort the operation
247 struct GNUNET_RECLAIM_Operation *
248 GNUNET_RECLAIM_ticket_revoke (struct GNUNET_RECLAIM_Handle *h,
249 const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
250 const struct GNUNET_RECLAIM_Ticket *ticket,
251 GNUNET_RECLAIM_ContinuationWithStatus cb,
257 * Consumes an issued ticket. The ticket is persisted
258 * and used to retrieve identity information from the issuer
260 * @param h the identity provider to use
261 * @param identity the identity that is the subject of the issued ticket (the audience)
262 * @param ticket the issued ticket to consume
263 * @param cb the callback to call
264 * @param cb_cls the callback closure
265 * @return handle to abort the operation
267 struct GNUNET_RECLAIM_Operation *
268 GNUNET_RECLAIM_ticket_consume (struct GNUNET_RECLAIM_Handle *h,
269 const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
270 const struct GNUNET_RECLAIM_Ticket *ticket,
271 GNUNET_RECLAIM_AttributeResult cb,
275 * Lists all tickets that have been issued to remote
276 * identites (relying parties)
278 * @param h the identity provider to use
279 * @param identity the issuing identity
280 * @param error_cb function to call on error (i.e. disconnect),
281 * the handle is afterwards invalid
282 * @param error_cb_cls closure for @a error_cb
283 * @param proc function to call on each ticket; it
284 * will be called repeatedly with a value (if available)
285 * @param proc_cls closure for @a proc
286 * @param finish_cb function to call on completion
287 * the handle is afterwards invalid
288 * @param finish_cb_cls closure for @a finish_cb
289 * @return an iterator handle to use for iteration
291 struct GNUNET_RECLAIM_TicketIterator *
292 GNUNET_RECLAIM_ticket_iteration_start (struct GNUNET_RECLAIM_Handle *h,
293 const struct GNUNET_CRYPTO_EcdsaPrivateKey *identity,
294 GNUNET_SCHEDULER_TaskCallback error_cb,
296 GNUNET_RECLAIM_TicketCallback proc,
298 GNUNET_SCHEDULER_TaskCallback finish_cb,
299 void *finish_cb_cls);
302 * Lists all tickets that have been issued to remote
303 * identites (relying parties)
305 * @param h the identity provider to use
306 * @param identity the issuing identity
307 * @param error_cb function to call on error (i.e. disconnect),
308 * the handle is afterwards invalid
309 * @param error_cb_cls closure for @a error_cb
310 * @param proc function to call on each ticket; it
311 * will be called repeatedly with a value (if available)
312 * @param proc_cls closure for @a proc
313 * @param finish_cb function to call on completion
314 * the handle is afterwards invalid
315 * @param finish_cb_cls closure for @a finish_cb
316 * @return an iterator handle to use for iteration
318 struct GNUNET_RECLAIM_TicketIterator *
319 GNUNET_RECLAIM_ticket_iteration_start_rp (struct GNUNET_RECLAIM_Handle *h,
320 const struct GNUNET_CRYPTO_EcdsaPublicKey *identity,
321 GNUNET_SCHEDULER_TaskCallback error_cb,
323 GNUNET_RECLAIM_TicketCallback proc,
325 GNUNET_SCHEDULER_TaskCallback finish_cb,
326 void *finish_cb_cls);
329 * Calls the record processor specified in #GNUNET_RECLAIM_ticket_iteration_start
330 * for the next record.
332 * @param it the iterator
335 GNUNET_RECLAIM_ticket_iteration_next (struct GNUNET_RECLAIM_TicketIterator *it);
338 * Stops iteration and releases the idp handle for further calls. Must
339 * be called on any iteration that has not yet completed prior to calling
340 * #GNUNET_RECLAIM_disconnect.
342 * @param it the iterator
345 GNUNET_RECLAIM_ticket_iteration_stop (struct GNUNET_RECLAIM_TicketIterator *it);
348 * Disconnect from identity provider service.
350 * @param h identity provider service to disconnect
353 GNUNET_RECLAIM_disconnect (struct GNUNET_RECLAIM_Handle *h);
357 * Cancel an identity provider operation. Note that the operation MAY still
358 * be executed; this merely cancels the continuation; if the request
359 * was already transmitted, the service may still choose to complete
362 * @param op operation to cancel
365 GNUNET_RECLAIM_cancel (struct GNUNET_RECLAIM_Operation *op);
367 #if 0 /* keep Emacsens' auto-indent happy */
375 /* ifndef GNUNET_RECLAIM_SERVICE_H */
378 /** @} */ /* end of group identity */
380 /* end of gnunet_reclaim_service.h */